Heap-based buffer overflow in the ff_audio_resample function in resample.c in libav before 11.4 allows remote attackers to cause a denial of service (crash) via vectors related to buffer resizing.
www.openwall.com/lists/oss-security/2016/08/13/1
www.openwall.com/lists/oss-security/2016/08/18/1
blogs.gentoo.org/ago/2016/08/07/libav-heap-based-buffer-overflow-in-ff_audio_resample-resample-c/
bugzilla.libav.org/show_bug.cgi?id=825
git.libav.org/?p=libav.git%3Ba=commit%3Bh=0ac8ff618c5e6d878c547a8877e714ed728950ce